Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/P35l78ms5-T0XqZvkiJkxxLe1sk.roa
File: P35l78ms5-T0XqZvkiJkxxLe1sk.roa (raw, json)
Hash identifier: GbINHrHf5tXCYPpCb9R+2XabtWA/IB3nd/dpjF3Gpmk=
Subject key identifier: 3F:7E:65:EF:C9:AC:E7:E4:F4:5E:A6:6F:92:22:64:C7:12:DE:D6:C9
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0190B226554CB93B80334415E0B92363D212
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/P35l78ms5-T0XqZvkiJkxxLe1sk.roa
Signing time: Sun 14 Jul 2024 16:49:35 +0000
ROA not before: Sun 14 Jul 2024 16:49:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 398343
IP address blocks: 193.124.15.0/24 maxlen: 24
193.124.24.0/24 maxlen: 24
194.87.29.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
194.135.104.0/24 maxlen: 24
195.133.26.0/23 maxlen: 23
195.133.83.0/24 maxlen: 24
212.193.6.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 14 Aug 2024 07:34:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:b2:26:55:4c:b9:3b:80:33:44:15:e0:b9:23:63:d2:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 14 16:49:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3f7e65efc9ace7e4f45ea66f922264c712ded6c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b4:62:d6:67:30:a6:e5:9e:9e:58:74:ec:52:
8f:5a:ac:d0:84:99:d8:89:ff:c8:c5:e2:64:95:16:
99:39:05:cf:0d:14:3f:9c:d8:5a:4e:3e:77:e4:80:
cf:1d:68:c4:c0:2e:a9:de:37:60:f0:10:98:51:09:
9a:a5:e1:9f:22:26:b0:6c:0d:94:a3:a5:de:cc:04:
f9:09:1b:41:76:de:09:e7:c5:ce:72:db:e1:c8:38:
bb:26:7a:58:f2:ea:c2:ee:09:69:fa:ae:57:ad:d8:
75:85:ef:f2:74:23:78:09:6f:77:9e:58:46:d7:ca:
71:17:8a:79:55:f1:6b:43:b7:fb:60:57:36:d0:fe:
0f:e4:c3:b6:47:f1:f3:36:b9:0c:cf:40:7b:e3:c0:
e3:f3:30:6c:cc:cc:b1:cd:8d:53:22:71:23:63:90:
45:82:04:3c:8a:23:eb:15:3f:82:24:bf:f4:31:da:
5c:10:21:29:e5:13:29:ad:59:e6:b5:ed:23:d7:d2:
fe:08:aa:f0:87:f6:14:45:54:9c:02:da:08:e9:ba:
64:75:0e:06:28:9c:50:e7:fd:1e:d6:d4:99:86:d0:
44:b1:3c:7f:ce:94:fc:e6:74:87:cd:fb:5c:b6:85:
38:79:1b:90:fa:15:ba:7f:16:37:95:da:cf:4d:3c:
b7:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:7E:65:EF:C9:AC:E7:E4:F4:5E:A6:6F:92:22:64:C7:12:DE:D6:C9
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/P35l78ms5-T0XqZvkiJkxxLe1sk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.15.0/24
193.124.24.0/24
194.87.29.0/24
194.87.123.0/24
194.135.104.0/24
195.133.26.0/23
195.133.83.0/24
212.193.6.0/24
Signature Algorithm: sha256WithRSAEncryption
44:b1:99:26:6f:b6:5a:24:97:05:3c:f0:cf:2a:cd:3b:4e:20:
06:59:e6:ee:df:af:f5:5d:72:fa:a8:54:62:41:e9:2b:65:b8:
92:c3:f1:ea:d4:c1:a9:d6:23:43:27:7a:a6:66:8b:d5:68:7b:
75:1c:f4:4d:52:b6:ba:eb:9f:63:5f:99:06:12:c8:cb:4f:e7:
53:ef:21:14:10:92:2e:31:37:6a:f0:0a:aa:21:75:5f:08:ac:
e1:36:ea:7c:d0:83:85:1a:28:13:cd:4f:51:fb:25:32:68:90:
65:65:be:6c:b7:ab:0b:c0:c6:4c:c0:34:66:77:4a:22:ec:26:
7f:23:95:90:42:a3:81:a3:54:dc:e6:c8:7e:95:9a:d7:4d:a7:
d7:e1:e2:2f:04:3b:68:0d:28:11:61:10:58:f0:bd:8d:be:fc:
8c:13:f6:29:1a:8d:59:3f:7f:d6:30:e9:1d:d9:04:fb:f0:a3:
b8:85:a5:68:e6:ad:54:fc:7c:47:31:d9:d5:ee:53:ec:41:2b:
61:94:d7:06:72:2d:11:dc:17:79:4e:3d:df:0f:89:e5:f0:d9:
10:15:df:5f:73:8b:e4:f5:9e:81:2f:6f:51:77:f1:bc:ed:7a:
21:ef:1f:93:f6:7e:58:65:20:b1:fd:07:35:ac:0c:8c:67:ad:
c3:fe:2c:07
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZCyJlVMuTuAM0QV4LkjY9ISMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwNzE0MTY0OTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjdlNjVlZmM5YWNlN2U0ZjQ1ZWE2NmY5MjIyNjRjNzEyZGVkNmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7Ri1mcwpuWenlh07FKPWqzQhJnY
if/IxeJklRaZOQXPDRQ/nNhaTj535IDPHWjEwC6p3jdg8BCYUQmapeGfIiawbA2U
o6XezAT5CRtBdt4J58XOctvhyDi7JnpY8urC7glp+q5Xrdh1he/ydCN4CW93nlhG
18pxF4p5VfFrQ7f7YFc20P4P5MO2R/HzNrkMz0B748Dj8zBszMyxzY1TInEjY5BF
ggQ8iiPrFT+CJL/0MdpcECEp5RMprVnmte0j19L+CKrwh/YURVScAtoI6bpkdQ4G
KJxQ5/0e1tSZhtBEsTx/zpT85nSHzftctoU4eRuQ+hW6fxY3ldrPTTy3MwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFD9+Ze/JrOfk9F6mb5IiZMcS3tbJMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvUDM1bDc4bXM1LVQwWHFadmtpSmt4eExlMXNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAwXwPAwQA
wXwYAwQAwlcdAwQAwld7AwQAwodoAwQBw4UaAwQAw4VTAwQA1MEGMA0GCSqGSIb3
DQEBCwUAA4IBAQBEsZkmb7ZaJJcFPPDPKs07TiAGWebu36/1XXL6qFRiQekrZbiS
w/Hq1MGp1iNDJ3qmZovVaHt1HPRNUra6659jX5kGEsjLT+dT7yEUEJIuMTdq8Aqq
IXVfCKzhNup80IOFGigTzU9R+yUyaJBlZb5st6sLwMZMwDRmd0oi7CZ/I5WQQqOB
o1Tc5sh+lZrXTafX4eIvBDtoDSgRYRBY8L2NvvyME/YpGo1ZP3/WMOkd2QT78KO4
haVo5q1U/HxHMdnV7lPsQSthlNcGci0R3Bd5Tj3fD4nl8NkQFd9fc4vk9Z6BL29R
d/G87Xoh7x+T9n5YZSCx/Qc1rAyMZ63D/iwH
-----END CERTIFICATE-----
Generated at Wed Aug 14 09:28:03 2024 by rpki-client on console-ams.rpki-client.org